CVE-2006-0055

Publication date 11 January 2006

Last updated 17 July 2025

Ubuntu priority

Description

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ee	7.10 gutsy	Fixed 1:1.4.2-5
	7.04 feisty	Fixed 1:1.4.2-5
	6.10 edgy	Fixed 1:1.4.2-5
	6.06 LTS dapper	Fixed 1:1.4.2-5

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-0055

CVE-2006-0055

Description

Status

References

Other references

Access our resources on patching vulnerabilities